Ncabetecf

**Nome do software vulnerável e versões afetadas** Plugin Cloudflare para WordPress (versões afetadas não especificadas) **Descrição** A vulnerabilidade está relacionada a uma autenticação inadequada, permitindo que invasores com contas de privilégios mais baixos acessem dados da API do Cloudflare. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** WARP Mobile Client versions prior to 6.29 **Description** The issue is due to a misconfiguration, making the WARP Mobile Client susceptible to a tapjacking attack. If an attacker installs a malicious application on a victim's device, they can trick the user into believing the app shown on the screen is the WARP client when, in reality, it is the attacker's app. **Recommendations** For versions prior to 6.29, update to version 6.29 or later to resolve the issue. As a temporary workaround, consider restricting the installation of applications from unknown sources to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Cloudflare WARP client for Windows versions up to 2023.3.381.0 **Description** The issue is related to insufficient access control policy on an IPC Named Pipe, allowing a malicious actor to remotely access the warp-svc.exe binary. This could enable an attacker to trigger WARP connect and disconnect commands, as well as obtain network diagnostics and application configuration from the target's device. Exploitation requires specific conditions, including the target's device being reachable on port 445 and allowing authentication with NULL sessions or having knowledge of the target's credentials. **Recommendations** For Cloudflare WARP client for Windows versions up to 2023.3.381.0, update to a version later than 2023.3.381.0 to resolve the issue. As a temporary workaround, consider restricting access to the warp-svc.exe binary and limiting authentication to prevent NULL sessions or unauthorized access. Additionally, ensure that port 445 is not reachable from untrusted networks to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Cloudflare WARP Client for Windows versions <= 2022.12.582.0 **Description** An unprivileged user can exploit an Improper Access Control issue to perform privileged operations with SYSTEM context by using a combination of opportunistic locks and symbolic links. The vulnerability lies in the repair function of the MSI-Installer placed under C:WindowsInstaller after installing the Cloudflare WARP Client. This can lead to attacks including the manipulation of system files and privilege escalation, allowing an attacker to delete arbitrary files and read arbitrary file content. **Recommendations** For versions <= 2022.12.582.0, upgrade to version 2023.3.381.0 or later and delete any older installers present in the system to address the vulnerability. As a temporary workaround, consider restricting access to the MSI-Installer under C:WindowsInstaller to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** cloudflared versions <= 2023.3.0 **Description** A vulnerability has been discovered in cloudflared's installer for Windows 32-bits devices that allows a local attacker with no administrative permissions to escalate their privileges on the affected device. This vulnerability exists because the MSI installer used by cloudflared relied on a world-writable directory. An attacker with local access to the device can use symbolic links to trick the MSI installer into deleting files in locations that the attacker would otherwise have no access to. By creating a symlink from the world-writable directory to the target file, the attacker can manipulate the MSI installer's repair functionality to delete the target file during the repair process. Exploitation of this vulnerability could allow an attacker to delete important system files or replace them with malicious files, potentially leading to the affected device being compromised. **Recommendations** For cloudflared versions <= 2023.3.0, update to version 2023.3.1 or later, which includes a new installer that fixes the vulnerability. Additionally, users are encouraged to remove old installers from their systems. As a temporary workaround, consider restricting access to the world-writable directory used by the MSI installer to minimize the risk of exploitation.